gotommlist.php3 3.96 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2005 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");

if (!$MAILMANSUPPORT) {
    header("Location: index.php3");
    return;
}

# No Pageheader since we spit out a redirection below.
$uid = GETLOGIN();
LOGGEDINORDIE($uid, CHECKLOGIN_USERSTATUS|
	      CHECKLOGIN_WEBONLY|CHECKLOGIN_WIKIONLY);
$isadmin = ISADMIN($uid);

#
# We will either show a specific list.
#
if (isset($pid) && $pid != "") {
    # XXX Yuck!

    if (!isset($gid) || $gid == "") {
	$gid = $pid;
    }

    if (! TBvalid_pid($pid)) {
	PAGEARGERROR("Invalid characters in $pid!");
    }
    if (! TBvalid_gid($gid)) {
	PAGEARGERROR("Invalid characters in $gid!");
    }
    if (! TBValidGroup($pid, $gid)) {
	USERERROR("No such project/group $pid/$gid!", 1);
    }

    #
    # Make sure the user is allowed! We must do a permission check since
    # we are asking mailman to generate a cookie without a password.
    #
    if (!$isadmin &&
	!TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_READINFO)) {
	USERERROR("You are not a member of $pid/$gid.", 1);
    }

    if (strcmp($pid, $gid))
	$listname = "$pid-$gid" . "-users";
    else
	$listname = "$pid" . "-users";

    #
    # By default, we want the user interface to the archives. However, an
    # admin can request access to the list admin interface, and we need
    # a different cookie for that.
    # 
    $cookietype = "user";
    $listiface  = "private";
    if (isset($wantadmin) && $isadmin) {
	$cookietype = "admin";
	$listiface  = "admin";
    }

    SUEXEC($uid, "nobody", "mmxlogin $uid $listname $cookietype",
	   SUEXEC_ACTION_DIE);

    #
    # Parse the silly thing
    #
    # Set-Cookie: foo=2802; Path=/mailman/; Version=1;
    #
    if (!preg_match("/^Set-Cookie: ([-\w\+\.]+)=(\w*); ".
		    "Path=(\/[\w]+\/); Version=1;$/",
		    $suexec_output, $matches)) {
	TBERROR($suexec_output, 1);
    }
    # TBERROR($matches[1] . ":" . $matches[2] . ":" . $matches[3], 0);

    setcookie($matches[1], $matches[2], 0, $matches[3], $TBAUTHDOMAIN, 0);

    $url = "${MAILMANURL}/$listiface/$listname/";
}
elseif (isset($listname) && $listname != "") {
    #
    # Zap to a specific list admin page. Must be an admin, or must be the
    # owner of the list. We do not track list membership, so members need to
    # find their lists on their own. 
    #
    if (! TBvalid_mailman_listname($listname)) {
	PAGEARGERROR("Invalid characters in $listname!");
    }

95
    $optargs = "";
96 97 98 99
    #
    # Make sure the user is allowed! We must do a permission check since
    # we are asking mailman to generate a cookie without a password.
    #
100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116
    if (isset($wantadmin)) {
	if (!$isadmin) {
	    $mm_result = DBQueryFatal("select * from mailman_listnames ".
				      "where listname='$listname'");

	    if (!mysql_num_rows($mm_result)) {
		USERERROR("No such list $listname!", 1);
	    }
	    $row = mysql_fetch_array($mm_result);
	    $owner_uid = $row['owner_uid'];

           #
           # Verify permission.
           #
	    if ($uid != $owner_uid) {
		USERERROR("You do not have permission to admin $listname!", 1);
	    }
117
	}
118 119 120 121 122 123 124 125 126 127 128
	$cookietype = "admin";
	$listiface  = "admin";
    }
    elseif (isset($wantconfig)) {
	$cookietype = "user";
	$listiface  = "options";
	$optargs    = "?email=${uid}@${OURDOMAIN}";
    }
    else {
	$cookietype = "user";
	$listiface  = "private";
129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145
    }

    SUEXEC($uid, "nobody", "mmxlogin $uid $listname $cookietype",
	   SUEXEC_ACTION_DIE);

    #
    # Parse the silly thing
    #
    # Set-Cookie: foo=2802; Path=/mailman/; Version=1;
    #
    if (!preg_match("/^Set-Cookie: ([-\w\+\.]+)=(\w*); ".
		    "Path=(\/[\w]+\/); Version=1;$/",
		    $suexec_output, $matches)) {
	TBERROR($suexec_output, 1);
    }
    setcookie($matches[1], $matches[2], 0, $matches[3], $TBAUTHDOMAIN, 0);

146
    $url = "${MAILMANURL}/$listiface/$listname/$optargs";
147 148 149 150 151 152 153 154 155 156 157

    if (isset($link)) {
	$url .= $link;
    }
}
else {
    USERERROR("You are not a member of any mailing projects!", 1);
}

header("Location: ${url}");
?>